Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer not working for Windows 8.1


  • This topic is locked This topic is locked
9 replies to this topic

#1 DarkDream

DarkDream

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 01 February 2015 - 07:04 PM

Hi guys, how's it going? I'm having a bit of a problem. At first, I noticed that there was a problem involving proxy settings, so I went to check and there was a forced proxy 127.0.0.1 affecting some port that didn't allow me to uncheck it. 

 

There was also some form of virus causing intruding pop-ups that completely covered the desktop. I ran a virus scan with Kingsoft Antivirus, but the problem persisted. I found out that Google Chrome was causing the virus, so I deleted the entire browser since no one uses it, and now the Internet explorer app wont work.. It allows you to click the buttons but they give no effect. 

 

I checked the desktop internet explorer and it was working fine. It's where I'm sending this post in from. But the app itself is down. I checked to see if the proxy was there, but the box was unchecked and the proxy appeared to be gone. Yet and still the internet explorer app won't work. I ran an FRST scan and I'm going to attach it to this post. Any help would be greatly appreciated.

 

 

 

FRST LOG

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Victor (administrator) on MANITO on 01-02-2015 18:53:11
Running from C:\Users\Victor\Downloads
Loaded Profiles: Victor (Available profiles: Victor & TeeJ & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Aol)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kingsoft Corporation) C:\Program Files (x86)\Kingsoft\kingsoft antivirus\kxescore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1390095038\ee\aolsoftware.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kingsoft Corporation) C:\Program Files (x86)\Kingsoft\kingsoft antivirus\kxetray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\shellmon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\System Setting\TOSHIBASystemSetting.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\Hotkey\TosTogKeyMon.exe [2365792 2013-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [743336 2012-07-31] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [kxesc] => c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe [1595056 2014-01-18] (Kingsoft Corporation)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1390095038\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ospd_us_748] => [X]
HKLM-x32\...\Run: [gmsd_us_138] => [X]
HKLM-x32\...\RunOnce: [Search Extensions Program Files Data Uninstall] => cmd /C rd /Q /S "C:\Program Files (x86)\Search Extensions"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72296 2014-08-19] (AOL Inc.)
AppInit_DLLs-x32: c:/progra~3/{29fac~1/171~1.0/nena.dll => "c:/progra~3/{29fac~1/171~1.0/nena.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL =
SearchScopes: HKLM-x32 -> {B938A52D-4357-47D8-A336-563009933BAC} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> DefaultScope {71FC85C9-B18F-4BD0-A6CA-37499DE94888} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_installertech_15_04&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0F0FyByDtD0Ezy0B0EzytN0D0Tzu0StCtCtCzytN1L2XzutAtFyBtFtBtFtDtN1L1Czu2Z1E1I1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0ByB0C0D0A0FzytG0AyEyDtCtG0CyEtC0CtGtCyDyBtAtGyDyC0AyD0Ezz0AyBzzyE0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyDzyyCtCtDyD0EtGtAyDzytDtGyEtDyDtDtG0BtAyByDtGtA0DtBzy0F0CyE0AtB0ByBtC2Q&cr=1990727283&ir=
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {71FC85C9-B18F-4BD0-A6CA-37499DE94888} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_installertech_15_04&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0F0FyByDtD0Ezy0B0EzytN0D0Tzu0StCtCtCzytN1L2XzutAtFyBtFtBtFtDtN1L1Czu2Z1E1I1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0ByB0C0D0A0FzytG0AyEyDtCtG0CyEtC0CtGtCyDyBtAtGyDyC0AyD0Ezz0AyBzzyE0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyDzyyCtCtDyD0EtGtAyDzytDtGyEtDyDtDtG0BtAyByDtGtA0DtBzy0F0CyE0AtB0ByBtC2Q&cr=1990727283&ir=
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {DCD1F157-610C-4932-818C-01571D05A678} URL =
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-01-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path
CHR HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 kxescore; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [123992 2014-01-18] (Kingsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2012-06-19] (Windows ® Win 7 DDK provider)
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2014-01-18] (Kingsoft Corporation)
R1 KDHacker; c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [164696 2014-01-18] (Kingsoft Corporation)
R2 kisknl; C:\windows\system32\drivers\kisknl.sys [210296 2014-01-18] (Kingsoft Corporation)
R4 KUsbGuard; C:\Program Files (x86)\Kingsoft\kingsoft antivirus\kusbquery64.sys [18296 2014-01-18] (Kingsoft Corporation)
R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [32256 2012-06-19] (Nuvoton Technology Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S1 ssnfd_1_10_0_7; system32\drivers\ssnfd_1_10_0_7.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 18:32 - 2015-02-01 18:53 - 00017082 _____ () C:\Users\Victor\Downloads\FRST.txt
2015-02-01 18:32 - 2015-02-01 18:32 - 00033961 _____ () C:\Users\Victor\Downloads\Addition.txt
2015-02-01 18:28 - 2015-02-01 18:53 - 00000000 ____D () C:\FRST
2015-02-01 18:27 - 2015-02-01 18:27 - 02131456 _____ (Farbar) C:\Users\Victor\Downloads\FRST64.exe
2015-02-01 18:25 - 2015-02-01 18:25 - 00000234 _____ () C:\DelFix.txt
2015-02-01 18:25 - 2015-02-01 18:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-02-01 18:24 - 2015-02-01 18:24 - 00709564 _____ () C:\Users\Victor\Downloads\delfix_10.8.exe
2015-02-01 17:39 - 2015-02-01 17:40 - 00000000 ____D () C:\Users\Victor\Desktop\Screenshots
2015-02-01 17:39 - 2015-02-01 17:39 - 00000000 ____D () C:\Users\Victor\Desktop\Instagram
2015-02-01 16:59 - 2015-02-01 17:43 - 00000000 ____D () C:\Users\Victor\Desktop\DCIM
2015-01-31 00:42 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Victor\AppData\Local\c0e81897-5770-4379-9721-af88cbe7362f
2015-01-25 08:13 - 2015-01-25 08:13 - 00000046 _____ () C:\WINDOWS\wininit.ini
2015-01-24 22:48 - 2015-02-01 18:45 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-24 22:38 - 2015-01-24 22:38 - 00000000 _____ () C:\Recovery.txt
2015-01-24 21:27 - 2015-01-24 21:27 - 00000000 ____D () C:\ProgramData\eecc7f4000001e61
2015-01-24 21:22 - 2015-01-24 21:22 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-24 17:51 - 2015-01-24 17:59 - 00004034 _____ () C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-01-24 17:51 - 2015-01-24 17:51 - 00003654 _____ () C:\WINDOWS\System32\Tasks\Sparta WW1
2015-01-24 17:51 - 2015-01-24 17:51 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\OpenSoftwareUpdater
2015-01-24 17:50 - 2015-02-01 18:50 - 00000310 _____ () C:\WINDOWS\Tasks\WSE_Taplika.job
2015-01-24 17:50 - 2015-01-25 09:39 - 00000000 ____D () C:\ProgramData\Windows Discount
2015-01-24 17:50 - 2015-01-24 21:31 - 00000000 ____D () C:\Users\Victor\AppData\Local\Sparta
2015-01-24 17:50 - 2015-01-24 21:31 - 00000000 ____D () C:\Users\Victor\AppData\Local\Pirates
2015-01-24 17:50 - 2015-01-24 21:31 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
2015-01-24 17:50 - 2015-01-24 17:50 - 00003604 _____ () C:\WINDOWS\System32\Tasks\Pirates WW1
2015-01-24 17:50 - 2015-01-24 17:50 - 00002648 _____ () C:\WINDOWS\System32\Tasks\WSE_Taplika
2015-01-24 17:50 - 2015-01-24 17:50 - 00000000 ____D () C:\ZombieNews
2015-01-24 17:50 - 2015-01-24 17:50 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\sparta123
2015-01-24 17:50 - 2015-01-24 17:50 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Pirates854
2015-01-24 17:50 - 2015-01-24 17:50 - 00000000 ____D () C:\Program Files (x86)\Windows Discount
2015-01-24 17:43 - 2015-01-24 17:43 - 00008524 _____ () C:\WINDOWS\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-6
2015-01-24 17:43 - 2015-01-24 17:43 - 00008188 _____ () C:\WINDOWS\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-7
2015-01-24 17:43 - 2015-01-24 17:43 - 00006122 _____ () C:\WINDOWS\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-1
2015-01-24 17:43 - 2015-01-24 17:43 - 00005452 _____ () C:\WINDOWS\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5
2015-01-24 17:43 - 2015-01-24 17:43 - 00005116 _____ () C:\WINDOWS\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-2
2015-01-24 17:42 - 2015-02-01 18:40 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2015-01-24 17:42 - 2015-01-24 17:42 - 00005460 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5
2015-01-24 17:42 - 2015-01-24 17:42 - 00004188 _____ () C:\WINDOWS\System32\Tasks\SearchSnacks Auto Updater 1.10.0.7 Pending Update
2015-01-24 17:42 - 2015-01-24 17:42 - 00004178 _____ () C:\WINDOWS\System32\Tasks\SearchSnacks Auto Updater 1.10.0.7 Core
2015-01-24 17:41 - 2015-01-26 17:48 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-24 17:41 - 2015-01-24 17:41 - 00008532 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-6
2015-01-24 17:41 - 2015-01-24 17:41 - 00008196 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-7
2015-01-24 17:41 - 2015-01-24 17:41 - 00007026 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-12
2015-01-24 17:41 - 2015-01-24 17:41 - 00006138 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-1
2015-01-24 17:41 - 2015-01-24 17:41 - 00005124 _____ () C:\WINDOWS\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-2
2015-01-24 17:41 - 2015-01-24 17:41 - 00003254 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2015-01-24 17:41 - 2015-01-24 17:41 - 00000000 ____D () C:\Users\Victor\Documents\Optimizer Pro
2015-01-24 17:41 - 2015-01-24 17:41 - 00000000 ____D () C:\Users\Victor\AppData\Local\globalUpdate
2015-01-24 17:39 - 2015-01-24 17:39 - 00000000 ____D () C:\ProgramData\COMODO
2015-01-24 17:38 - 2015-01-24 18:57 - 00001989 _____ () C:\WINDOWS\patsearch.bin
2015-01-24 17:38 - 2015-01-24 17:38 - 00003064 _____ () C:\WINDOWS\System32\Tasks\CheckMeUp Update
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 ____D () C:\Program Files\COMODO
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA609.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA608.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5D9.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5BB.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5BA.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA58C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA58B.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA56C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA54C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA53D.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA52D.tmp
2015-01-24 17:37 - 2015-01-24 17:37 - 00344312 _____ () C:\Users\Victor\Downloads\Setup.exe
2015-01-24 17:37 - 2015-01-24 17:37 - 00000000 ____D () C:\5d7a97a0-e1aa-463f-9148-43880ad81720
2015-01-17 16:51 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-17 16:51 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-13 17:27 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-13 17:27 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-13 17:27 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-13 17:27 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-13 17:27 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-13 17:27 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-13 17:27 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-13 17:27 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-13 17:27 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 17:27 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-13 17:27 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-13 17:27 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-13 17:27 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-13 17:27 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-13 17:27 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-13 17:27 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-13 17:27 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-13 17:27 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-13 17:27 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-13 17:27 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-13 17:27 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-13 17:27 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-13 17:27 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-13 17:27 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-13 17:27 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-07 04:58 - 2015-01-07 04:58 - 00000000 ____D () C:\Users\Victor\AppData\Local\Downloaded Installations

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 18:51 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-01 18:24 - 2014-08-05 18:10 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08E11EC6-E211-4DDB-8A82-5D3FBC1615B2}
2015-02-01 18:17 - 2014-01-18 19:02 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2853981730-3285263648-1272542218-1001
2015-02-01 18:16 - 2014-03-18 05:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-01 18:13 - 2014-08-05 18:09 - 00000000 ___DO () C:\Users\Victor\OneDrive
2015-02-01 18:12 - 2013-08-22 09:46 - 00409645 _____ () C:\WINDOWS\setupact.log
2015-02-01 18:12 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-01 18:11 - 2014-03-18 04:54 - 00025332 _____ () C:\WINDOWS\PFRO.log
2015-02-01 18:11 - 2014-02-03 22:49 - 00000000 ____D () C:\Program Files\Google
2015-02-01 18:11 - 2014-02-03 22:48 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 18:11 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-01 18:05 - 2014-02-03 22:48 - 00000000 ____D () C:\Users\Victor\AppData\Local\Google
2015-02-01 18:05 - 2012-09-04 20:51 - 00000000 ____D () C:\ProgramData\Google
2015-02-01 18:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-01 17:16 - 2014-08-05 17:54 - 01490803 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-31 18:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-28 12:28 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-25 09:46 - 2013-01-04 18:49 - 00000000 ____D () C:\Users\Victor\AppData\Local\Packages
2015-01-25 00:45 - 2014-01-18 20:32 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-24 22:51 - 2014-09-27 14:12 - 00000000 ____D () C:\Users\Victor\AppData\Local\Adobe
2015-01-24 22:15 - 2014-01-18 19:10 - 00000000 __SHD () C:\KRECYCLE
2015-01-24 21:31 - 2014-01-18 20:30 - 00000000 ____D () C:\Program Files (x86)\AOL
2015-01-24 17:58 - 2013-08-22 09:44 - 00337840 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-24 17:50 - 2013-12-27 22:15 - 00001474 _____ () C:\Users\Victor\Desktop\iexplore.lnk
2015-01-24 15:20 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 15:20 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 18:10 - 2014-01-19 21:03 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-13 18:05 - 2014-01-19 21:03 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-09-20 14:42 - 2014-09-20 14:42 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\1A8823F6-6F8F-E621-495D-379A407DA2E6.dll
C:\Users\Victor\AppData\Local\Temp\1A8823F6-6F8F-E621-495D-379A407DA2E6.exe
C:\Users\Victor\AppData\Local\Temp\6AC95AB4-264C-2B65-F168-30998E4D2938.exe
C:\Users\Victor\AppData\Local\Temp\AcsInstall.dll
C:\Users\Victor\AppData\Local\Temp\optprosetup.exe
C:\Users\Victor\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Victor\AppData\Local\Temp\sysad.exe
C:\Users\Victor\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Victor\AppData\Local\Temp\System.Data.SQLitec0e81897-5770-4379-9721-af88cbe7362f.dll
C:\Users\Victor\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-31 21:46

==================== End Of Log ============================

 

ADDITION LOG

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Victor at 2015-02-01 18:53:36
Running from C:\Users\Victor\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kingsoft Antivirus System Defense (Disabled - Up to date) {B6A51389-A795-5AC9-13BA-F569D73F3FE8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kingsoft Antivirus System Defense (Disabled - Up to date) {0DC4F26D-81AF-5547-290A-CE1BACB87555}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version:  - AOL Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Help (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Kingsoft Antivirus 2012 (HKLM-x32\...\Kingsoft Internet Security) (Version: 2012.5.7 - Kingsoft Internet Security)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Nuvoton CIR Device Drivers (HKLM-x32\...\{096C6EA4-738C-4A01-BB98-45B93B6B9B34}) (Version: 8.60.5001 - Nuvoton Technology Corporation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1013.0 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0001.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.8.7 - WildTangent) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

17-01-2015 16:50:45 Windows Update
23-01-2015 09:43:12 Windows Update
25-01-2015 01:00:56 Removed GeekBuddy.
28-01-2015 12:27:30 Windows Update
01-02-2015 16:03:06 Removed TomTom HOME.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {023A1073-5325-447B-8CB8-D5F28AB8D59A} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5_user => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-5.exe <==== ATTENTION
Task: {02F5F743-2425-4ED7-A9BA-C71CB3D8C7A2} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Victor\AppData\Local\SmartWeb\SmartWebHelper.exe
Task: {0E729C64-438C-426C-BADF-57E103253FE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1133B6D7-F9DF-4DFA-97F4-11C14C2483C5} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-5.exe <==== ATTENTION
Task: {17C97350-D775-4A20-B0CD-B07708394C46} - System32\Tasks\Sparta WW1 => Chrome.exe --app=http://plarium.com/play/en/sparta/top/?adCampaign=30801&amp;ClickID=tBtDyCzzzy0D0F0FyByDtD0Ezy0B0Ezy&amp;publisherID=0 --app-window-size=1920,1080
Task: {1EECCA72-0923-45E3-94F1-F651D83BB145} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2D56971F-090B-4C09-BAF2-689D78284909} - System32\Tasks\CheckMeUp Update => C:\Program Files (x86)\ver8CheckMeUp\k6CheckMeUps97.exe
Task: {3A7D282E-C6D0-4EF4-8524-A6733C668EBE} - System32\Tasks\Pirates WW1 => Chrome.exe --kiosk http://plarium.com/play/en/pirates/top/?adCampaign=42503&amp;clickID=tBtDyCzzzy0D0F0FyByDtD0Ezy0B0Ezy&amp;publisherID=0
Task: {3C9454FA-0C48-46E6-B78B-F5B37357271A} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-1 => C:\Program Files (x86)\SmartSaver+ 21\SmartSaver+ 21-codedownloader.exe <==== ATTENTION
Task: {3E7791AA-9C28-442E-82AA-D42935DA2BC7} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-7 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-7.exe <==== ATTENTION
Task: {4BC1C635-BF66-49FE-81FB-220B7DC9D95F} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {608D3F77-0F3A-4209-BBC2-FAA8C14E09C1} - System32\Tasks\SearchSnacks Auto Updater 1.10.0.7 Pending Update => C:\Program Files (x86)\SearchSnacks_1.10.0.7\Update\SearchSnacksAutoUpdateClient.exe
Task: {68F6E265-974A-4B6C-A464-26AF2FD301C9} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-1 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\PlusHD Q-9.1V24.01-codedownloader.exe <==== ATTENTION
Task: {6BB37437-7F66-4415-B24C-E768D88C2996} - System32\Tasks\WSE_Taplika => C:\Users\Victor\AppData\Roaming\WSE_TA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {74A928D4-43C0-404E-A7F2-AEA35E16AD72} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-2 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-2.exe <==== ATTENTION
Task: {88C44054-8287-421D-ABD1-A16551ECF5FA} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe <==== ATTENTION
Task: {89CA189D-546A-46E3-9FA0-2ECA56C268A8} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-2 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-2.exe <==== ATTENTION
Task: {8A2B9A2A-D4A5-4D39-A457-89DA6041FA6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {8C459ADA-966D-46E5-B7A9-A7BD47C03C76} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-5.exe <==== ATTENTION
Task: {932AC95D-D10D-47AD-885C-B23CECD36620} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-6 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-6.exe <==== ATTENTION
Task: {966B83CD-5372-4815-A34A-2D8AAC51ACAD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-13] (Microsoft Corporation)
Task: {9F8ED03B-7DA3-490D-9698-F139A0B46AC8} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-10_user => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-10.exe <==== ATTENTION
Task: {A00342BD-7B44-4490-A902-4D88A98B6688} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC72FFCB-3056-4C86-8142-9C9093CD2F74} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {B300CB4C-5D84-41DD-B1D6-2EE9A0A24E22} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-12 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-12.exe <==== ATTENTION
Task: {D6D84C25-5189-4E89-94BF-2D7FA97E1136} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5_user => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-5.exe <==== ATTENTION
Task: {D95FFD1A-B857-4206-BF35-A77A8BB47250} - System32\Tasks\SearchSnacks Auto Updater 1.10.0.7 Core => C:\Program Files (x86)\SearchSnacks_1.10.0.7\Update\SearchSnacksAutoUpdateClient.exe
Task: {DBBF696E-BA41-48EA-8DDB-DA1D9CE1FA24} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-6 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-6.exe <==== ATTENTION
Task: {DCE47720-0945-4C37-9661-248913CB8409} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-10_user => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-10.exe <==== ATTENTION
Task: {F214C648-BB7E-4603-914A-CD42C381EB71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F5D120AF-66F7-447C-946C-E3ED226F1231} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-7 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-7.exe <==== ATTENTION
Task: {FF12DE08-5FB8-4BEA-92F4-04D3A1B27F7B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WSE_Taplika.job => C:\Users\Victor\AppData\Roaming\WSE_TA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-03-16 15:24 - 2012-03-16 15:24 - 00091520 _____ () C:\Program Files\Toshiba\Hotkey\fsHid.dll
2012-07-18 17:38 - 2012-07-18 17:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-09-03 07:02 - 2012-09-03 07:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-23 14:05 - 2014-04-23 14:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 14:04 - 2014-04-23 14:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-19 13:34 - 2014-08-19 13:34 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll
2014-08-19 13:34 - 2014-08-19 13:34 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll
2014-08-19 13:34 - 2014-08-19 13:34 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll
2014-08-19 13:34 - 2014-08-19 13:34 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll
2012-11-08 23:24 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Victor\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2853981730-3285263648-1272542218-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2853981730-3285263648-1272542218-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2853981730-3285263648-1272542218-1003 - Limited - Enabled)
TeeJ (S-1-5-21-2853981730-3285263648-1272542218-1004 - Administrator - Enabled) => C:\Users\TeeJ
Victor (S-1-5-21-2853981730-3285263648-1272542218-1001 - Administrator - Enabled) => C:\Users\Victor

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2015 06:42:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:27:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:14:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.18, time stamp: 0x50124a31
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000374
Fault offset: 0x00000000000f0d6c
Faulting process id: 0x11e8
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5

Error: (02/01/2015 06:13:11 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/01/2015 06:12:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/01/2015 06:12:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (02/01/2015 06:51:55 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:51:21 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:46 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:43 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:23 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:22 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:21 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:50:11 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Error: (02/01/2015 06:42:11 PM) (Source: DCOM) (EventID: 10010) (User: MANITO)
Description: App.AppXd02w57v4mmta6ecgrtt2bsm1h6g0awac.mca

Error: (02/01/2015 06:37:19 PM) (Source: DCOM) (EventID: 10016) (User: MANITO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ManitoVictorS-1-5-21-2853981730-3285263648-1272542218-1001LocalHost (Using LRPC)DefaultBrowser_NOPUBLISHERIDS-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394

Microsoft Office Sessions:
=========================
Error: (02/01/2015 06:42:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: 9E2F88E3.Twitter_wgeqdkkx372wm!App-2144927141

Error: (02/01/2015 06:27:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/01/2015 06:27:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: 9E2F88E3.Twitter_wgeqdkkx372wm!App-2144927141

Error: (02/01/2015 06:14:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPCHSrv.exe1.0.0.1850124a31ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c11e801d03e74e0741a6cC:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\WINDOWS\SYSTEM32\ntdll.dll1ef08345-aa68-11e4-bec2-20689dff750e

Error: (02/01/2015 06:13:11 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/01/2015 06:12:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/01/2015 06:12:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MANITO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

CodeIntegrity Errors:
===================================
  Date: 2015-02-01 18:19:02.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 18:19:02.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 18:18:46.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 18:18:46.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 16:33:27.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 16:33:27.261
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-25 09:39:02.250
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-25 09:39:02.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-24 22:52:22.625
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-24 22:52:22.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 6028.24 MB
Available physical RAM: 4263.7 MB
Total Pagefile: 7244.24 MB
Available Pagefile: 5269.89 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (TI10648400L) (Fixed) (Total:921.18 GB) (Free:829.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 01 February 2015 - 07:19 PM

1.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   15.64KB   1 downloads

 

 

2.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 DarkDream

DarkDream
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 01 February 2015 - 07:34 PM

Ok, steps followed. Here's the logs. For some unsung reason the app is still not working, but now states that the webpage cannot be displayed.

 

FIXLOG

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Victor at 2015-02-01 19:22:14 Run:1
Running from C:\Users\Victor\Downloads
Loaded Profiles: Victor (Available profiles: Victor & TeeJ & Administrator & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ospd_us_748] => [X]
HKLM-x32\...\Run: [gmsd_us_138] => [X]
AppInit_DLLs-x32: c:/progra~3/{29fac~1/171~1.0/nena.dll => "c:/progra~3/{29fac~1/171~1.0/nena.dll" File Not Found
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL =
SearchScopes: HKLM-x32 -> {B938A52D-4357-47D8-A336-563009933BAC} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> DefaultScope {71FC85C9-B18F-4BD0-A6CA-37499DE94888} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_installertech_15_04&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0F0FyByDtD0Ezy0B0EzytN0D0Tzu0StCtCtCzytN1L2XzutAtFyBtFtBtFtDtN1L1Czu2Z1E1I1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0ByB0C0D0A0FzytG0AyEyDtCtG0CyEtC0CtGtCyDyBtAtGyDyC0AyD0Ezz0AyBzzyE0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyDzyyCtCtDyD0EtGtAyDzytDtGyEtDyDtDtG0BtAyByDtGtA0DtBzy0F0CyE0AtB0ByBtC2Q&cr=1990727283&ir=
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {71FC85C9-B18F-4BD0-A6CA-37499DE94888} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_installertech_15_04&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0F0FyByDtD0Ezy0B0EzytN0D0Tzu0StCtCtCzytN1L2XzutAtFyBtFtBtFtDtN1L1Czu2Z1E1I1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0ByB0C0D0A0FzytG0AyEyDtCtG0CyEtC0CtGtCyDyBtAtGyDyC0AyD0Ezz0AyBzzyE0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyDzyyCtCtDyD0EtGtAyDzytDtGyEtDyDtDtG0BtAyByDtGtA0DtBzy0F0CyE0AtB0ByBtC2Q&cr=1990727283&ir=
SearchScopes: HKU\S-1-5-21-2853981730-3285263648-1272542218-1001 -> {DCD1F157-610C-4932-818C-01571D05A678} URL =
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path
CHR HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - No Path
S1 ssnfd_1_10_0_7; system32\drivers\ssnfd_1_10_0_7.sys [X]
2015-01-24 21:27 - 2015-01-24 21:27 - 00000000 ____D () C:\ProgramData\eecc7f4000001e61
2015-01-24 17:50 - 2015-02-01 18:50 - 00000310 _____ () C:\WINDOWS\Tasks\WSE_Taplika.job
2015-01-24 17:50 - 2015-01-24 17:50 - 00002648 _____ () C:\WINDOWS\System32\Tasks\WSE_Taplika
2015-01-24 17:41 - 2015-01-24 17:41 - 00003254 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2015-01-24 17:41 - 2015-01-24 17:41 - 00000000 ____D () C:\Users\Victor\Documents\Optimizer Pro
2015-01-24 17:41 - 2015-01-24 17:41 - 00000000 ____D () C:\Users\Victor\AppData\Local\globalUpdate
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA609.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA608.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5D9.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5BB.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA5BA.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA58C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA58B.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA56C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA54C.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA53D.tmp
2015-01-24 17:38 - 2015-01-24 17:38 - 00000000 _____ () C:\LILA52D.tmp
Task: {023A1073-5325-447B-8CB8-D5F28AB8D59A} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5_user => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-5.exe <==== ATTENTION
Task: {1133B6D7-F9DF-4DFA-97F4-11C14C2483C5} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-5.exe <==== ATTENTION
Task: {3C9454FA-0C48-46E6-B78B-F5B37357271A} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-1 => C:\Program Files (x86)\SmartSaver+ 21\SmartSaver+ 21-codedownloader.exe <==== ATTENTION
Task: {3E7791AA-9C28-442E-82AA-D42935DA2BC7} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-7 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-7.exe <==== ATTENTION
ask: {68F6E265-974A-4B6C-A464-26AF2FD301C9} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-1 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\PlusHD Q-9.1V24.01-codedownloader.exe <==== ATTENTION
Task: {6BB37437-7F66-4415-B24C-E768D88C2996} - System32\Tasks\WSE_Taplika => C:\Users\Victor\AppData\Roaming\WSE_TA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {74A928D4-43C0-404E-A7F2-AEA35E16AD72} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-2 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-2.exe <==== ATTENTION
Task: {88C44054-8287-421D-ABD1-A16551ECF5FA} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe <==== ATTENTION
Task: {89CA189D-546A-46E3-9FA0-2ECA56C268A8} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-2 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-2.exe <==== ATTENTION
Task: {8C459ADA-966D-46E5-B7A9-A7BD47C03C76} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-5.exe <==== ATTENTION
Task: {932AC95D-D10D-47AD-885C-B23CECD36620} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-6 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-6.exe <==== ATTENTION
Task: {9F8ED03B-7DA3-490D-9698-F139A0B46AC8} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-10_user => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-10.exe <==== ATTENTION
Task: {B300CB4C-5D84-41DD-B1D6-2EE9A0A24E22} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-12 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\68a71867-5796-408b-ae78-82bda3d4ec33-12.exe <==== ATTENTION
Task: {D6D84C25-5189-4E89-94BF-2D7FA97E1136} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5_user => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-5.exe <==== ATTENTION
Task: {DBBF696E-BA41-48EA-8DDB-DA1D9CE1FA24} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-6 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-6.exe <==== ATTENTION
Task: {DCE47720-0945-4C37-9661-248913CB8409} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-10_user => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-10.exe <==== ATTENTION
Task: {F5D120AF-66F7-447C-946C-E3ED226F1231} - System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-7 => C:\Program Files (x86)\SmartSaver+ 21\04010a76-7c37-4e0b-a952-e5eb20be61a3-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Taplika.job => C:\Users\Victor\AppData\Roaming\WSE_TA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Program Files (x86)\SmartSaver+ 21
C:\Program Files (x86)\Optimizer Pro 3.33

C:\Program Files (x86)\PlusHD Q-9.1V24.01
Emptytemp:

 

 

 

 

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ospd_us_748 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_us_138 => value deleted successfully.
"c:/progra~3/{29fac~1/171~1.0/nena.dll" => Value Data removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{589B893E-773C-4941-88C2-0DCC718E621C}" => Key deleted successfully.
HKCR\CLSID\{589B893E-773C-4941-88C2-0DCC718E621C} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B938A52D-4357-47D8-A336-563009933BAC}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B938A52D-4357-47D8-A336-563009933BAC} => Key not found.
HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{589B893E-773C-4941-88C2-0DCC718E621C}" => Key deleted successfully.
HKCR\CLSID\{589B893E-773C-4941-88C2-0DCC718E621C} => Key not found.
"HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71FC85C9-B18F-4BD0-A6CA-37499DE94888}" => Key deleted successfully.
HKCR\CLSID\{71FC85C9-B18F-4BD0-A6CA-37499DE94888} => Key not found.
"HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DCD1F157-610C-4932-818C-01571D05A678}" => Key deleted successfully.
HKCR\CLSID\{DCD1F157-610C-4932-818C-01571D05A678} => Key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn" => Key deleted successfully.
"HKU\S-1-5-21-2853981730-3285263648-1272542218-1001\SOFTWARE\Google\Chrome\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn" => Key deleted successfully.
ssnfd_1_10_0_7 => Service deleted successfully.
C:\ProgramData\eecc7f4000001e61 => Moved successfully.
C:\WINDOWS\Tasks\WSE_Taplika.job => Moved successfully.
C:\WINDOWS\System32\Tasks\WSE_Taplika => Moved successfully.
C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule => Moved successfully.
C:\Users\Victor\Documents\Optimizer Pro => Moved successfully.
C:\Users\Victor\AppData\Local\globalUpdate => Moved successfully.
C:\LILA609.tmp => Moved successfully.
C:\LILA608.tmp => Moved successfully.
C:\LILA5D9.tmp => Moved successfully.
C:\LILA5BB.tmp => Moved successfully.
C:\LILA5BA.tmp => Moved successfully.
C:\LILA58C.tmp => Moved successfully.
C:\LILA58B.tmp => Moved successfully.
C:\LILA56C.tmp => Moved successfully.
C:\LILA54C.tmp => Moved successfully.
C:\LILA53D.tmp => Moved successfully.
C:\LILA52D.tmp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{023A1073-5325-447B-8CB8-D5F28AB8D59A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{023A1073-5325-447B-8CB8-D5F28AB8D59A}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1133B6D7-F9DF-4DFA-97F4-11C14C2483C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1133B6D7-F9DF-4DFA-97F4-11C14C2483C5}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C9454FA-0C48-46E6-B78B-F5B37357271A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C9454FA-0C48-46E6-B78B-F5B37357271A}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E7791AA-9C28-442E-82AA-D42935DA2BC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E7791AA-9C28-442E-82AA-D42935DA2BC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-7" => Key deleted successfully.
ask: {68F6E265-974A-4B6C-A464-26AF2FD301C9} - System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-1 => C:\Program Files (x86)\PlusHD Q-9.1V24.01\PlusHD Q-9.1V24.01-codedownloader.exe <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BB37437-7F66-4415-B24C-E768D88C2996}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BB37437-7F66-4415-B24C-E768D88C2996}" => Key deleted successfully.
C:\Windows\System32\Tasks\WSE_Taplika not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Taplika" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74A928D4-43C0-404E-A7F2-AEA35E16AD72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74A928D4-43C0-404E-A7F2-AEA35E16AD72}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88C44054-8287-421D-ABD1-A16551ECF5FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88C44054-8287-421D-ABD1-A16551ECF5FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\Optimizer Pro Schedule not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89CA189D-546A-46E3-9FA0-2ECA56C268A8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89CA189D-546A-46E3-9FA0-2ECA56C268A8}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C459ADA-966D-46E5-B7A9-A7BD47C03C76}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C459ADA-966D-46E5-B7A9-A7BD47C03C76}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{932AC95D-D10D-47AD-885C-B23CECD36620}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932AC95D-D10D-47AD-885C-B23CECD36620}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F8ED03B-7DA3-490D-9698-F139A0B46AC8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F8ED03B-7DA3-490D-9698-F139A0B46AC8}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B300CB4C-5D84-41DD-B1D6-2EE9A0A24E22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B300CB4C-5D84-41DD-B1D6-2EE9A0A24E22}" => Key deleted successfully.
C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-12 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\68a71867-5796-408b-ae78-82bda3d4ec33-12" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6D84C25-5189-4E89-94BF-2D7FA97E1136}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6D84C25-5189-4E89-94BF-2D7FA97E1136}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBBF696E-BA41-48EA-8DDB-DA1D9CE1FA24}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBBF696E-BA41-48EA-8DDB-DA1D9CE1FA24}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCE47720-0945-4C37-9661-248913CB8409}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE47720-0945-4C37-9661-248913CB8409}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5D120AF-66F7-447C-946C-E3ED226F1231}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5D120AF-66F7-447C-946C-E3ED226F1231}" => Key deleted successfully.
C:\Windows\System32\Tasks\04010a76-7c37-4e0b-a952-e5eb20be61a3-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04010a76-7c37-4e0b-a952-e5eb20be61a3-7" => Key deleted successfully.
C:\WINDOWS\Tasks\WSE_Taplika.job not found.
"C:\Program Files (x86)\SmartSaver+ 21" => File/Directory not found.
"C:\Program Files (x86)\Optimizer Pro 3.33" => File/Directory not found.
"C:\Program Files (x86)\PlusHD Q-9.1V24.01" => File/Directory not found.
EmptyTemp: => Removed 1.6 GB temporary data.

The system needed a reboot.

==== End of Fixlog 19:22:39 ====

 

 

 

ADW LOG

# AdwCleaner v4.109 - Report created 01/02/2015 at 19:29:54
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Victor - MANITO
# Running from : C:\Users\Victor\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ZombieNews
Folder Deleted : C:\Users\Victor\Favorites\StumbleUpon
Folder Deleted : C:\ProgramData\AOL Toolbar
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files (x86)\AOL Toolbar
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Guest\Favorites\StumbleUpon
Folder Deleted : C:\Users\TeeJ\Favorites\StumbleUpon
Folder Deleted : C:\Users\Victor\AppData\Local\SearchProtect
File Deleted : C:\END
File Deleted : C:\WINDOWS\patsearch.bin
File Deleted : C:\WINDOWS\System32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf

***** [ Scheduled Tasks ] *****

Task Deleted : SmartWeb Upgrade Trigger Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\EZ Software Updater
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\us.yhs4.search.yahoo.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]

*************************

AdwCleaner[R0].txt - [7111 octets] - [01/02/2015 19:27:24]
AdwCleaner[S0].txt - [6853 octets] - [01/02/2015 19:29:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6913 octets] ##########


Edited by DarkDream, 01 February 2015 - 07:38 PM.


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 01 February 2015 - 07:42 PM

1.

Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
     
    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
     
    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.
     
    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
     
    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
     
    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and past the mbam.log in your next reply.

.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

2.

ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!

  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 DarkDream

DarkDream
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 01 February 2015 - 09:47 PM

Alright, here's the log for Malware Bytes and for the online scanner. The app still isn't working and is saying that it cannot connect to webpage with any attempt to load a webpage.

 

MALWARE BYTES

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/1/2015
Scan Time: 7:46:12 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.01.07
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Victor

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 459319
Time Elapsed: 7 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, Quarantined, [82c9f821048604322add5f37b44fbe42],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks_1.10.0.7, Quarantined, [e2690b0e5832f640e9812e62cf34d927],
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{d924d8dc}, Quarantined, [d17a9782c6c43afc6ddc7b2ae71c1fe1],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PlusHD Q-9.1V24.01-nv, Quarantined, [0b40f722c8c248eec387375a05fe4fb1],
PUP.Optional.SmartSaver.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartSaver+ 21-nv, Quarantined, [eb60b5647c0e171f99b122a1f2116b95],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusHD Q-9.1V24.01, Quarantined, [49026daca5e5e25497b4dcb5a55eed13],
PUP.Optional.SmartSaver.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 21, Quarantined, [71da6cad6426f145ec5c358ef50efb05],
PUP.Optional.DesktopDockApp.A, HKU\S-1-5-21-2853981730-3285263648-1272542218-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DesktopDockApp, Quarantined, [d477e435fc8e2f07866cf197bf44a858],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.FindingDiscount.A, C:\Program Files (x86)\Windows Discount, Quarantined, [a9a292870882f541eeaa5328e91a738d],
PUP.Optional.FindingDiscount.A, C:\Program Files (x86)\Windows Discount\FindingDiscount, Quarantined, [a9a292870882f541eeaa5328e91a738d],
PUP.Optional.FindingDiscount.A, C:\ProgramData\Windows Discount, Quarantined, [6ae15ebb3d4d6ec85e3bf9821de635cb],
PUP.Optional.RuntimeManager.A, C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager, Quarantined, [c8836faaaedc75c128763b40f310bd43],

Files: 4
PUP.Optional.QuickShare.A, C:\Users\Victor\Desktop\QuickShare1-2-.exe, Quarantined, [b19a82975d2dbd793974ff1f31cf7c84],
PUP.Optional.Bundlore, C:\Users\Victor\Downloads\Setup.exe, Quarantined, [2c1ff5242d5def475b7daaef0ff604fc],
PUP.Optional.CheckMeUp.A, C:\Windows\System32\Tasks\CheckMeUp Update, Quarantined, [9dae5cbdfe8cc373fbdd0d7cb44fd52b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\68a71867-5796-408b-ae78-82bda3d4ec33-1, Quarantined, [6cdf7a9f69211b1bb776bde5cd36ec14],

Physical Sectors: 0
(No malicious items detected)

(end)

 

ESET LOG

C:\Users\Victor\AppData\Local\AOL\C_AOL Desktop 9.7\browserCache\f_000359 SWF/TrojanDownloader.Iframe.AF trojan cleaned by deleting - quarantined
C:\Users\Victor\AppData\Local\AOL\C_AOL Desktop 9.7a\browserCache\f_000359 SWF/TrojanDownloader.Iframe.AF trojan cleaned by deleting - quarantined
C:\Users\Victor\Desktop\KingSoftFree.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\Victor\Downloads\ARO2013_tbt.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined

 


Edited by DarkDream, 01 February 2015 - 09:57 PM.


#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 01 February 2015 - 10:22 PM

You may have to reinstall that app. How is the machine running otherwise?


Edited by fireman4it, 01 February 2015 - 10:23 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 DarkDream

DarkDream
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:27 PM

Posted 01 February 2015 - 11:11 PM

With the exception of that app the pc runs just fine. I tried to uninstall it but I don't see how to. I'm not very familiar with windows 8.1. How exactly can I uninstall the app version of ie?

#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 01 February 2015 - 11:14 PM

You should be able to go to your app store and just download it again I assume. Im not to famaliar with windows 8 either just the basics and malware removal. Let me know if you find a way. If not you can post in the windows 8 section of the forums. We will clean up the tools and such as soon as you let me know the machine is running ok.


Edited by fireman4it, 01 February 2015 - 11:15 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 03 February 2015 - 05:36 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:27 PM

Posted 05 February 2015 - 08:02 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users